Description
File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.
Remediation
References
https://github.com/ming-soft/MCMS
https://github.com/ming-soft/MCMS/issues/42
Related Vulnerabilities
CVE-2021-21342 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2019-19771 Vulnerability in npm package ripedm160
CVE-2023-3620 Vulnerability in npm package tarteaucitronjs
CVE-2021-26275 Vulnerability in npm package eslint-fixer
CVE-2019-14862 Vulnerability in maven package li.rudin.mavenjs:knockout